At the annual VeeamON event this week, Chief Product Officer Anton Gostev unveiled the software appliance. This surprise announcement, which comes with the introduction of Veeam V13, will likely cause quite a stir, as it will fundamentally change how companies organize their backup infrastructure. The goal is clear: simpler implementation, enhanced security as standard, and less management work for IT teams.
Gostev briefly explained the concept when unveiling the software appliance, before going into more detail. We should view the new solution as a software appliance combined with a Just Enough OS (JeOS). This stripped-down operating system is capable of performing backup and replication tasks with a minimal amount of resources. The software appliance can run on “industry-standard hardware” (ideally a server) or a virtual machine.
Veeam emphasizes that freedom of choice remains central, so existing backup infrastructure configurations are perfectly fine. The Software Appliance is an additional option alongside the existing ways of implementing Veeam Backup & Replication. However, Gostev does indicate that customers have requested simpler implementation, built-in security from day one, and less management work around the backup infrastructure.
Tip: Veeam launches framework to close data resilience gap
Pre-built solution for faster implementation
One of the software appliance’s features is that it is delivered fully pre-built. Veeam combines the operating system and backup software into a single package, including maintenance of all components. The solution is delivered as installation media (ISO) that can be installed on physical servers, cloud environments, and virtual machines. All platforms that can boot from an ISO file are supported.
Virtual appliances are available for VMware users. An important feature is that the solution is completely software-defined and hardware-agnostic. Veeam does not prescribe which hardware must be used, as long as it meets the minimum system requirements and disk space.
Gostev emphasizes that user-friendliness is paramount. Veeam offers a simple web interface for general management tasks. Although the Software Appliance is based on Linux, it is designed for people without Linux knowledge. Administrators do not need to delve into the underlying system configuration. They can control everything via the interface, including network settings, time configuration, and user management.
Enhanced security from the start
The presentation also highlights that the software appliance is a pre-hardened solution. The solution features SELinux and other security standards. Veeam has implemented best practices from Linux security experts to reduce the attack surface significantly. SSH and integration services are disabled by default.
With security in mind, the appliance has also been designed to connect with monitoring tools. It can be integrated with Veeam ONE or third-party management consoles. However, users must grant temporary access for incoming connections, after which this feature is automatically disabled after 30 minutes. This ‘secure by default’ principle reduces the risk of unauthorized access.
The architecture has been modified to prevent privilege escalation. Although vulnerabilities are inevitable, the system is designed to make it more difficult for attackers to gain root access. Veeam takes full responsibility for patching and securing the appliance.
In addition, centralized security updates apply to the main appliance and additional backup components, such as proxies and repositories implemented from the same JeOS ISO. This allows the entire Veeam infrastructure to be secured and updated centrally.
Predictability with enhanced security standards
Veeam emphasizes predictability as its third theme. The Software Appliance enables a zero-trust approach, where backup administrators do not have root access to the backup server. A specific security officer must approve sensitive management tasks.
Mandatory multi-factor authentication and complex passwords further increase the security standard. For everyday use, administrators can access the management console more easily via SAML SSO integration, without using complex host administrator credentials.
Security experts are provided with a special interface where only approvals for sensitive changes can be given, implementing the principle of separation of responsibilities.
Now available as beta
The Veeam Software Appliance is already available as a beta. Veeam has distributed this beta through its pre-sales team to ensure a good user experience and gather targeted feedback. Interested parties can contact their Veeam representative to see if beta spots are still available in their region.
With this approach in version 13, Veeam is responding to the changing demands of the backup landscape, where complexity has increased enormously. By addressing this and delivering standard security and efficient management, everything needs to become more modern. The Software Appliance offers a coordinated solution that addresses these challenges without reducing flexibility.